11 tools and resources
VirusTotal API v3 is a threat intelligence platform for scanning files, URLs, and IP addresses, and retrieving reports on threat reputation and context.
Acapulco is a Splunk application that automatically generates meta-events from hpfeeds channels and visualizes them using D3.js.
A security dataset and CTF platform with full and attack-only versions pre-indexed for Splunk.
Tango is a set of scripts and Splunk apps for deploying honeypots with ease.
A Splunk app mapped to MITRE ATT&CK to guide threat hunts.
Open-source project for building instrumented environments to simulate attacks and test detections.
Curated datasets for developing and testing detections in SIEM installations.
A sample security dataset and CTF platform for information security professionals, researchers, students, and enthusiasts.
Repository of default playbooks and custom functions for Splunk SOAR instances with content migration to Splunk's GitHub.
Migrated Splunk SOAR Connectors to new GitHub organization for better organization and management.
Access a repository of Analytic Stories and security guides mapped to industry frameworks, with Splunk searches, machine learning algorithms, and playbooks for threat detection and response.
